CVE-2018-8453

Name of the Vulnerable Software and Affected Versions Windows 7 Windows Server 2012 R2 Windows RT 8.1 Windows Server 2008 Windows Server 2019 Windows Server 2012 Windows 8.1 Windows Server 2016 Windows Server 2008 R2 Windows 10 Windows 10 Servers

Description The issue is related to the Win32k component (win32k.sys) in Windows operating systems, which fails to properly handle objects in memory, allowing an attacker to elevate privileges and execute arbitrary code using a specially crafted application. This can be exploited by ransomware such as Sodinokibi (also known as Sodin) to gain the highest level of privileges on a target system.

Recommendations For Windows 7, update to a newer version or apply the relevant patch to fix the issue. For Windows Server 2012 R2, update to a newer version or apply the relevant patch to fix the issue. For Windows RT 8.1, update to a newer version or apply the relevant patch to fix the issue. For Windows Server 2008, update to a newer version or apply the relevant patch to fix the issue. For Windows Server 2019, update to a newer version or apply the relevant patch to fix the issue. For Windows Server 2012, update to a newer version or apply the relevant patch to fix the issue. For Windows 8.1, update to a newer version or apply the relevant patch to fix the issue. For Windows Server 2016, update to a newer version or apply the relevant patch to fix the issue. For Windows Server 2008 R2, update to a newer version or apply the relevant patch to fix the issue. For Windows 10, update to a newer version or apply the relevant patch to fix the issue. For Windows 10 Servers, update to a newer version or apply the relevant patch to fix the issue. As a temporary workaround, consider restricting access to the Win32k component until a patch is available.